search

dcodeIO / bcrypt.js

Optimized bcrypt in plain JavaScript with zero dependencies.
Other
3.47k stars 264 forks source link

No new releases in 3 years #116

Closed thernstig closed 4 years ago

thernstig commented 4 years ago

I've read this repos README.md, but cannot get a good grasp on this.

The npm registry https://www.npmjs.com/package/bcryptjs has not been updated in 3 years. Whereas this other npm repo https://www.npmjs.com/package/bcrypt (which is not a pure js library) receives frequent updates.

So two questions:

  1. Since this package has not been updated in 3 years, could it potentially be "unsafe" in any sense? Considering https://www.npmjs.com/package/bcrypt often receives updates but solves the same thing.
  2. Is thus, due to the above question, https://www.npmjs.com/package/bcrypt a better choice?
dcodeIO commented 4 years ago

It's fine, the algorithm hasn't changed.

thernstig commented 4 years ago

Thanks!